Firewall
Definitions

A firewall

How it works

A firewall is a staple of security in today’s IP networks. Whether protecting a LAN, WAN, encapsulating a DMZ, or just protecting a single computer, a firewall is usually the first line of defense against would-be attackers.

At one time, most firewalls were deployed at network perimeters. This provided some measure of protection for internal hosts, but it could not recognize all instances and forms of attack, and attacks sent from one internal host to another often do not pass through network firewalls. Because of these and other factors, network designers now often include firewall functionality at places other than the network perimeter to provide an additional layer of security, as well as to protect mobile devices that are placed directly onto external networks.

There are several types of firewall techniques:

* Application gateway
* Circuit-level gateway
* Packet filter
* Proxy server
* Stateful inspection firewall

In practice, many firewalls use two or more of these techniques in concert.

"Firewalls have two forms: a firewall may be software program running on your computer or it may be a separate piece of hardware that watches what is being sent and received over a network. Firewalls can block transmissions that are unexpected or disallowed." (Information Technology Security Handbook, Annex 1, Glossary.)

A firewall is set up as the single point through which communications must pass. This enables the firewall to act as a protective barrier between the protected network and any external networks. Any information leaving the internal network can be forced to pass through a firewall as it leaves the network or host. Incoming data can enter only through the firewall.

Firewalls work by blocking traffic deemed to be invasive, intrusive, or just plain malicious from flowing through them. If networks are castles, firewalls are the drawbridges. Traffic not meeting the requirements of the firewall is dropped.
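A minimal model of a packet filter combined with stateful inspection, two of the techniques listed above, showing how traffic that matches no rule is dropped. This is an added example, not part of the original article; the rule format, first-match ordering, addresses and function names are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    direction: str   # "in" or "out", relative to the protected network
    src: str
    sport: int
    dst: str
    dport: int

@dataclass(frozen=True)
class Rule:
    action: str                  # "allow" or "block"
    direction: str
    dport: Optional[int] = None  # None matches any destination port

    def matches(self, p: Packet) -> bool:
        return self.direction == p.direction and self.dport in (None, p.dport)

class Firewall:
    def __init__(self, rules):
        self.rules = list(rules)  # assumed: evaluated top to bottom, first match wins
        self.state = set()        # connections opened by allowed traffic

    def filter(self, p: Packet) -> str:
        # Stateful inspection: a reply to a tracked connection is accepted
        # even though no rule names it.
        if (p.dst, p.dport, p.src, p.sport) in self.state:
            return "allow"
        for rule in self.rules:
            if rule.matches(p):
                if rule.action == "allow":
                    self.state.add((p.src, p.sport, p.dst, p.dport))
                return rule.action
        return "drop"             # traffic meeting no rule is dropped

# Constructed rule set (assumed syntax): block FTP, allow outbound HTTP.
RULES = [Rule("block", "out", 21), Rule("allow", "out", 80)]

def demo():
    fw = Firewall(RULES)
    inside, web = "192.0.2.10", "203.0.113.5"   # constructed documentation addresses
    return [
        fw.filter(Packet("out", inside, 40000, web, 21)),   # FTP: block
        fw.filter(Packet("in", web, 80, inside, 40000)),    # unsolicited: drop
        fw.filter(Packet("out", inside, 40000, web, 80)),   # HTTP: allow
        fw.filter(Packet("in", web, 80, inside, 40000)),    # reply: allow
        fw.filter(Packet("in", web, 80, inside, 40001)),    # other port: drop
    ]
```

Calling `demo()` returns the verdict for each packet in order; the same inbound packet is dropped before the outbound HTTP connection exists and allowed after it.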
Processing of traffic is determined by a set of rules programmed into the firewall by the network administrator. These may include such commands as "Block all FTP traffic (port 21)" or "Allow all HTTP traffic (port 80)". Much more complex rule sets are available in almost all firewalls.

Firewalls are typically deployed where a corporate network connects to the Internet. A useful property of a firewall, in this context, is that it provides a central location for deploying security policies. It is the ultimate bottleneck for network traffic because when properly designed, no traffic can enter or exit the LAN without passing through the firewall.

Firewalls close unneeded ports through which Internet communications can enter the computer, and block incoming Internet communications — and sometimes outgoing communications — unless the consumer has authorized those communications. However, firewalls usually do not check the contents of the communications coming in or going out, so as to determine whether a file contains a virus, for example. That is generally left to a virus checker.

Firewalls can also be used internally, to guard areas of an organization against unauthorized internal access. For example, many corporate networks use firewalls to restrict access to internal networks that perform sensitive functions, such as accounting or personnel.

A properly configured firewall will stop the majority of publicly available cyberattacks.

Firewalls may be client managed or centrally managed.

International usage

In several countries, including China and Iran, firewalls have been established on a national level to prevent Internet users from accessing certain content from abroad.

See also

* Application firewall
* Desktop firewall
* Firewall environment
* Firewall management
* Gateway firewall
* Hardware firewall
* Interior firewall
* NIST Special Publication 800-41, Guidelines on Firewalls and Firewall Policy (Sept. 2009).
* Perimeter firewall
* Personal firewall
* Understanding Firewalls